Posts tagged "Android"

4 posts

June 24, 2026
From a Student Side Project to a Google Success Story
Google featured Sangiorgi SRL in a Publisher Success Story. Here's the longer version — how a university experiment became an app with 165M+ downloads, and what I've learned building free software that has to pay for itself.
April 18, 2026
FLAG_MUTABLE PendingIntent in DeviceAsWebcam Allows Foreground Activity Hijack via fillIn() Injection
A mutable notification PendingIntent in DeviceAsWebcam enables fillIn() intent injection and forced foreground launch of a system-UID activity from a NotificationListenerService app.
April 8, 2026
Retrieving the ARP Table on Android SDK 30+ via Netlink
Google blocked netlink socket bind in Android 11 (targetSDK 30), breaking ARP table access for apps. I wrote a JNI library that bypasses the restriction by sending RTNetlink dump requests without binding — until SELinux closed the door for good. Ubiquiti wanted to buy it for WiFiMan; I open-sourced it instead.
April 6, 2026
Intercepting Android's ManagedProvisioning: A PendingIntent Vulnerability in AOSP
I found a vulnerability in Android's ManagedProvisioning that lets any unprivileged app intercept privileged provisioning callbacks. Google classified it as low severity.